Remote work security: how to reduce risk of attacks before they happen

The past couple of years have seen significant changes in how people work, which look set to stay. Cybersecurity for remote workers will be essential as employers prepare to manage employees in a hybrid working world.

Enabling a remote workforce comes with all kinds of potential dangers. Employees using their home IT equipment create a much larger potential attack surface, and your IT team is limited in what it can see and what it can do to mitigate risk.

According to the Velocity Smart Technology Market Research Report 2021, 70% of remote workers said they experienced IT and security problems when working from home (WFH) during the pandemic. Over half of them reported waiting up to three hours to resolve an issue. At the same time, one-quarter of employees said they experienced an increase in fraudulent emails, spam and phishing attempts in their work email accounts.

Gartner research found that 47% of organizations plan to give employees the choice of working remotely full time, while 82% said employees can work from home at least one day a week. So your security policies and practices will need to be more robust than ever.

A new world of potential vulnerabilities

The concern is that remote working presents malicious actors with increased potential entry points and new vulnerabilities to exploit.

According to Charl van der Walt, Head of Security Research at Orange Cyberdefense, “Consumers are using free Wi-Fi or cheap consumer-grade tech to access our corporate networks. Those devices are not built with security in mind and are jammed full of vulnerabilities. And the fundamental point is security practitioners can’t control it.”

Phishing has also increased over the last year. At the height of the pandemic in 2020, one report found that there had been a massive 667% increase in phishing emails, and Google has been blocking more than 100 million phishing emails daily. Phishing was already a top enterprise cybersecurity concern, but it seems more of a threat when workers are outside the corporate perimeter. Nearly half of workers have admitted falling for a phishing scam while WFH.

Ransomware attacks have also become more sophisticated, with hackers now combining data leakage attacks with ransomware to convince victims to pay up. These so-called “Double Extortion” attacks are on the increase, with Orange Cyberdefense tracking an almost sixfold increase in them between Q1 2020 and Q3 2021. Indeed, the Orange Cyberdefense Security Navigator 2021 report found that there has been a 13% increase in cyberattacks on enterprises in the past 12 months, with a rise in ransomware incidents in general, and, for the first time in their reports, a noticeable increase in attacks against mobile devices.

Preventing threats before they happen

If you find yourself trying to respond to a cybersecurity incident, the damage has probably already been done. It is better to reduce the risk of an attack getting through in the first place. Constant vigilance is key. Malicious actors will see the shift to remote working as an opportunity to develop new techniques to attack corporate systems.

Before COVID-19, around 20% of cyberattacks used malware that security professionals hadn’t seen before: new methods and tools. This number increased to 35% during the pandemic as attackers changed their approaches, with phishing attacks beginning to use SMS and voice rather than email.

The significance of a zero-trust approach

According to van der Walt, “It became clear that there are several emerging threats that our existing architectures and mindsets aren’t equipped to deal with, and that we need to focus very specifically on those threats or change our architecture and philosophy to take those risks out of the equation. Because what we need today is secure access to anything from anywhere, and with so many systems moving to the cloud, the security perimeter is really changing – there is no more boundary, and so in many ways, traditional security solutions are just not as appropriate as they used to be. This brings us to the concept of zero trust, and that we need to consider all networks equal and equally untrustworthy.”

A zero-trust approach to remote working security is ideally suited to the era of cloud-based access and mobile work. Zero trust is location agnostic, so it does not matter whether your workers are in the office or remote; you can apply the same levels of security and vigilance across your entire IT estate.

Nathan Howe, Vice President Emerging Technologies at Zscaler, who spoke at the recent Orange Business Services Hello! World webinar, said, “Zero trust is about connecting an authorized, valid individual to an authorized, valid application or workload. What’s become very clear is that the uptake of SASE and other solutions is driving this need to be connected to multiple things at once. And zero trust really comes down to ensuring we are validating the right user with the right identity, and it is a fluid situation that you must constantly assess.”

It is a move that looks inevitable as endpoints become more distributed and hybrid work becomes more commonplace. According to Gartner, there will be a continued shift away from VPNs as the means of enabling secure remote working, and zero trust will become the norm. By 2023, 60% of enterprises will phase out their remote VPN networks in favor of zero-trust network access.

Read more about how best to secure your remote workers in the Orange Cyberdefense whitepaper: Securing your remote workers: A comprehensive guide to protecting your organization in the age of remote working.

Steve Harris

I’ve been writing about technology for around 15 years and today focus mainly on all things telecoms - next generation networks, mobile, cloud computing and plenty more. For Futurity Media I am based in the Asia-Pacific region and keep a close eye on all things tech happening in that exciting part of the world.